DHS takes key role in DOD cybersecurity program

By Amber Corrin

Jan 18, 2012

The Pentagon’s Defense Industrial Base (DIB) Cyber Pilot, first outlined last July by then-Deputy Defense Secretary William Lynn, has given the Homeland Security department an expanded role; DHS will take over communications with private Internet service providers. The ISPs are a critical part of the pilot program, responsible for filtering incoming e-mails of DIB participants.

DIB, overall, is a voluntary partnership between DOD and the contractors supporting it in order to combat cyber threats.

With DHS now in on the program, it’s evolved into the Joint Cybersecurity Services Pilot (JCSP), according to a DHS privacy assessment.

“The JCSP seeks to build upon the DIB Opt-In Pilot and allow DHS, through the National Cyber Security Division U.S. Computer Emergency Readiness Team, to share indicators and other information about known or suspected cyber threats directly with [commercial service providers] to enhance the protection of JCSP participants, including certain DIB companies and any participating federal agencies,” the DHS assessment stated.

According to a NextGov report, DOD will continue to oversee communications with the contractors participating in the program.

There’s been talk of expanding the pilot since it was first rolled out. In his announcement Lynn said expansion of the program would be possible once an assessment of the program had been conducted.

That assessment has now been completed – with mixed reviews, according to a Washington Post report on the study’s findings, which have not been made public.

The initial leg of the pilot program has demonstrated the viability of information-sharing among private companies and government agencies, according to the Post report. It has also showed ISPs are capable of handling the classified National Security Agency-provided intelligence being used among participants, including NSA signatures of malicious code, which are the fingerprints of potentially dangerous malware.

But the program hasn’t proved effective in staving off cyber attacks that participants could have prevented themselves without the shared data. For example, of the 52 malicious activity incidents detected during the test run, only two were found using NSA’s data, the report stated.

“Unfortunately, the report on the DIB Pilot Program highlights one of my continuing points, that there is no silver bullet in cybersecurity,” Rep. James Langevin (D-R.I.), co-founder of the Congressional Cybersecurity Caucus, said in a statement. “Signature-based defenses alone will never be enough to secure our defense contractors, our classified networks or our critical infrastructure. We need a comprehensive approach to cybersecurity that incorporates innovative information-sharing arrangements with industry, while also boosting our capabilities for our own defenses and those who manage our critical infrastructure.”

While the pilot program is expanding by bringing DHS into the fold, it appears no new companies have been added. When Lynn announced the program last summer, he said the pilot comprises less than two dozen commercial defense companies with which DOD shares classified threat intelligence.

A two-year campaign that prompted the Department of Homeland Security to issue its first-ever emergency directive to agencies to shore up cyber defenses appears in part to have been an attempt to spy on U.S. government internet traffic.